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4. (Amended) A method according to claim 1 wherein the user data is derived from data 
stored on a portable data carrier, the user data being generated when a physical characteristic 

1 1 . (Amended) A method according to claim 9 wherein the verification data is generated 
in an encrypted form. 

14. (Amended) A method according to claim 12 wherein the authentication data is 
retrieved from a central database in an on-line process. 

1 5 . (Amended) A method according to claim 1 2 wherein the authentication data is data 
derived from the document itself or from the bearer thereof. 



30086483 1 



2 



ATTORNEY DOCKET: P-6396 



PATENT 



. Applicant: TAME, Gavin Randall 
REMARKS 

Applicant has amended claims 4, 11, 14 and 15 in order to eliminate multiple dependancy. 
A marked-up version of claims as they are currently pending is attached as Appendix A. 



The applicant respectfully requests the Examiner to find the new claims allowable. 



Piper Marbury Rudnick & Wolfe 

P.O. Box 64807 
Chicago, IL 60664-0807 
Phone: (312)368-4000 
Fax: (312)236-7516 




30086483 1 



3 



PTO/PCTRec'd0 7JAN2002 



PCT/IBOO/00908 



DOCUMENT VERIFICATION SYSTEM 



BACKGROUND OF THE INVENTION 

THIS invention relates to a method of generating a document, a method of 
verifying the authenticity of a document and to a system for implementing the 
methods. 

Document fraud, particularly relating to documents of monetary value such as 
cheques, is increasingly prevalent and causes huge financial losses both to 
financial institutions and the general public. Various attempts have been made 
to reduce such fraud, but existing methods such as the use of identification 
cards by persons wishing to cash a cheque can be onerous for the users 
thereof, and are in any case still subject to fraud. 

It is an object of the invention to provide an alternative method and system of 
generating documents and verifying the authenticity of such documents. 
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SUMMARY OF THE INVENTION 

According to the invention there is provided a method of generating a 
document comprising the steps of: 

permitting access to a document creation system by an 
authorised user; 

recording user data identifying the user; 

generating document data defining a document; 

generating verification data from the user data and the 
document data; 

recording authentication data corresponding to the verification 
data; and 

printing the document utilising the document data and the 
verification data, so that the document includes a machine 
readable portion usable to verify the authenticity thereof. 

The method may include generating a user identification record and storing the 
record for comparison with the user data when a user attempts to access the 
document creation system. 

The user data and the user identification record may comprise data from a 
fingerprint scanner or another biometric device, for example. 
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The user data may be derived from data stored on a portable data carrier such 
as a smart card, the user data being generated when a physical characteristic 
of the user, such as a fingerprint, matches data stored on the portable data 
carrier. 

The authentication data may be stored in a document verification database. 

The verification data may take the form of a bar code, symbol or other machine 
readable indicium. 

Preferably, the verification data is a printed symbol or code readable optically, 
and contains data which corresponds at least partially to the user data and the 
related document data contained in the authentication data which is stored in 
the document verification database. 

The verification data is preferably generated in an encrypted form. 

The invention extends to a method of verifying the authenticity of a document 
generated by the above-defined method, including the steps of: 

reading verification data from the document; 

retrieving authentication data corresponding to the verification 
data and comparing the verification data with the authentication 
data; and 

indicating that the document is authentic if the compared data 
matches. 

In the case where the verification data is encrypted, the method will include the 
step of decrypting the verification data read from the document. 
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The authentication data may be retrieved from a central database in an on-line 
process. 

Alternatively, the authentication data may be data derived from the document 
itself, or from a bearer thereof, for example. 

The invention includes a system for generating documents comprising: 

a document creation station operable by a user to input document data 
and to generate printed documents based on the document data; 

access control means arranged to generate user data corresponding to 
an authorised user; 

processor means for generating verification data derived from the 
document data and the user data, the verification data being applied to 
the printed document; and 

a database for storing an authentication record corresponding to the 
verification data, for use in authentication of the document. 

The system preferably includes at least one document reading device for 
reading the verification data on a document, and processor means for 
comparing the verification data read from the document with authentication 
data. 

The system preferably further includes communication means for transferring 
authentication data from the database, for comparison with the verification 
data read from the document. 
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BRIEF DESCRIPTION OF THE DRAWINGS 

Figure 1 is a highly schematic block diagram of a document creation and 
verification system according to the invention. 

DESCRIPTION OF EMBODIMENTS 

In general, the present invention aims to provide a method and system for 
generating documents the authenticity of which can readily be verified, and to 
a method and system for verifying such documents. 

In this specification, although the invention is described primarily with reference 
to cheques, being documents having a monetary value, it will be appreciated 
that the application of the invention is not limited to cheques, and that the 
invention can be applied to the verification of vouchers, certificates, 
identification documents and many other kinds of valuable documents. The 
invention could also, for example, be applied to document labelling such as 
bills of lading and other transportation documents or labels. 

The main aim of the invention is to provide relatively secure and tamper proof 
methods of issuing/creating, distributing and verifying the authenticity of 
documents. The invention also provides accountability throughout the 
document creation/management process, and was designed in order to 
prevent the fraudulent manipulation of or tampering with documents throughout 
their life cycle. Specifically in the case of cheques, the invention aims to 
prevent fraudulent manipulation and tampering from the time of creation of a 
cheque (ie. entering the cheque data and printing the cheque) through to the 
final verification of the authenticity of a presented cheque and approval for 
payment thereof. 
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The methodology of the invention can be split into three main stages: 

a document creation stage, 

a document distribution stage, and 

a document verification stage. 

The distribution of the documents is mentioned primarily for completeness. It 
is significant that, due to the inherent security of documents created by the 
method of the invention, the method of distribution of the documents can be 
flexible. This is because each document carries its own verification data, and 
the document can be verified at any stage of its distribution. 

The document verification stage is an important component of the invention, by 
means of which documents are checked for authenticity. For example, the 
authenticity of a cheque may be verified before it is paid. Such verification 
may be carried out on-line, either manually or in an automated process, or off- 
line in certain applications. 

Central to the above three stages is a document verification database, which 
holds a complete record of all documents created. The document verification 
database contains a duplicate of verification data which is printed on the 
document itself, enabling future verification thereof. In order to hinder fraud, 
sophisticated encryption techniques are used to generate and print the 
verification data. 

The various aspects of the invention are described in greater detail below. 

Figure 1 shows, in a simplified block diagram form, the main components 
which form the system of the invention. Documents are created at a document 
creation station using a computer 10 (typically a personal computer or PC) with 
an associated high quality printer 12. Documents can also be created by a 



WO 01/03077 



PCT/IB00/00908 



-7- 

mass production printer using font based symbols (as opposed to the normal 
image based symbols). Such font based symbols do not slow down production 
capacity. A scanner 14 is connected to the computer 10 and is used to 
identify a user of the system. 

Connected to the computer 10, typically via modems which access an existing 
telecommunications network, or another means of communicating over a wide 
area, is a central verification database 16. Apart from the computer 10 (and 
others like it) enquiry stations 18 and document verification stations 20 are 
connected to the database 16. Each document verification station will typically 
comprise a computer 20 with an associated high speed scanner/feeder 22. 

In order to control access to the document creation station, authorised users 
are provided with access cards or identity cards which contain encrypted 
machine readable data identifying the user. The data is preferably biometric in 
nature, such as fingerprint data. A fingerprint scanning unit is used to acquire 
a fingerprint of the user, and the fingerprint biometric data, together with other 
data identifying the user, is compressed and encrypted and encoded into a 
two-dimensional code or symbol which is printed on the access card. 

To use the document creation system, a user presents the card to a reader, 
which scans and decodes the symbol on the card and retrieves the fingerprint 
biometric data therefrom, as well as other data identifying the user. At the 
same time, the user places his/her finger in a fingerprint scanner, and the "live" 
scanned fingerprint is compared with the biometric data stored on the card. If 
these details match, the user's details read from the card are entered into a 
user log together with the current date and time, and access is granted to the 
document creation station. The user data log can be used subsequently to 
establish accountability. 
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In an alternative embodiment, instead of using an access card with an 
encrypted, printed symbol thereon, a smart card containing data in its 
embedded memory chip, encrypted to a suitable level, can be used instead. In 
either case, the data on the access card can include data relating to the level 
of the document creation system to which the user has access. In another 
alternative embodiment, the user can use a "live" fingerprint scan which is 
compared to a database of fingerprints (a one to many match). 

From the abovementioned user data and other relevant data such as the date 
and time and the details of the document itself, verification data is generated. 
This data will be applied to the document which is created, and is also stored 
in the verification database as an authentication record, which means that a 
complete record of the document exists on the database. Typically, the 
verification data will consist of one or more of the following (although it is not 
restricted to these): 

1 . details of an operator generating the document; 

2. date/time stamps; 

3. unique document and/or institution code; 

4. partial or relevant details from the document (example: monetary 
amounts); 

5. digital signatures of the operator and/or competent authority; 

6. digital certificates; 

7. fingerprint or other biometric data; 

8. textual information. 

For printing on the document, the verification data is compressed and 
encrypted, and printed in a two dimensional graphic format or font format, as a 
symbol or code. The data compression and encryption processes are now 
described. 
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The encryption of the verification data is an important part of the process as 
the protection of the symbol against fraudulent onslaughts depends on the 
strength of the encryption. The encryption used can be divided into two distinct 
parts, namely private/public key encryption (Asymmetric Encryption) and multi- 
layered core encryption. 

The public/private key encryption takes care of two aspects of authority. The 
first is the authority to create the verification data of a document. The second 
part is the authority to decode the verification data. The former is based on a 
private key, which is entered into the user's machine readable access card by 
an administrator of the system. This private key encrypts the data. The private 
key allows for the creation of a specific public key which creates the latter part, 
an authority to view the verification data. The public key allows for the 
decoding or access to the verification data within the two dimensional bar 
code. 

The private key can only be created with the private creation system which 
allows a person in authority to create this key. 

The multi-layered encryption system is an inner layer of encryption beneath 
the above mentioned private/public key layer. This encryption makes use of 
three distinct encryption methods, which are completely different from each 
other. Two of the encryption methods are data scrambling algorithms. The third 
layer is a form of encryption which allows for each symbol created to be 
uniquely encrypted. This layer creates the strongest encryption and therefore 
the most fraud proof verification symbol possible. 

Data compression is important for small portable data carriers employing two- 
dimension graphic symbols. The more verification data which one can 
incorporate in the verification symbols, the more effective the security and 
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verification of documents. There are three types of data compression, which 
are applied to four types of verification data. 

Signature compression is used to compress scanned signatures. This 
compression is used primarily for the incorporation of signatures into two- 
dimensional verification symbols for personal cheques. It is used to compare 
the signature on a cheque with that incorporated within the verification symbol. 

Facial compression is also used to compress digital facial images. These are 
used to verify ownership of private cheques and other personal documents. 

This form of compression is necessary if one wishes to incorporate signatures 
within the restricted storage capacity of a two-dimensional symbol, as scanned 
signatures are digital raster images which consume large amounts of storage. 
Since this is a digital image compression it is a "lossy" compression (a 
compression which disposes of less relevant data). 

Text data compression is used in all the verification symbols (two-dimensional 
symbols) of documents. There is normally a substantial amount of data 
required for the complete verification of documents and a high ratio "lossless" 
text compression (a compression which does not dispose of any data during 
the compression process) is needed. The compression allows for the entire 
verification record to be incorporated on a document. 

Fingerprint biometric data acquisition and compression is required to be able to 
incorporate fingerprint biometrics into the document verification two- 
dimensional symbols. This compression is a "lossy" type of data compression. 

The fingerprint biometrics are used in the verification symbols when absolute 
accountability is required for document verification. The fingerprint biometric 
scanner used can be a commercially available fingerprint matching product. 
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The above mentioned secure form of fingerprint verification as well as highly 
compressed fingerprint biometric data are the two main elements of security, 
absolute verification and definite accountability. This technology allows for 
verified and secure access to the system as well as ensuring accountability 
throughout the life cycle of a document. Since the compressed biometric data 
can travel with the document within a two-dimensional symbol, accountability 
data travels with the document and can be determined at any stage. 

The encrypted symbol code which is printed on the document can be regarded 
as an extension of a traditional linear bar code, in that it is a printed symbol 
which facilitates machine reading thereof. A conventional bar code is only 
capable of representing enough data (typically 8 to 12 characters) to serve as 
a key to a more comprehensive database or record. The two dimensional 
graphic code used by the present invention, on the other hand, has sufficient 
capacity, especially using the compression methods described above, to hold 
an entire data record containing a substantial amount of data. In other words, 
the printed symbol is not merely a reference to a record stored elsewhere, but 
itself comprises a complete record. 

The printed symbols also carry user definable levels of error correction. The 
error correction used allows for one hundred percent recoverability of the data 
contained in the symbol when the symbol suffers damage which is less than a 
predetermined maximum damage threshold. This makes the system relatively 
robust. 

In document verification, use can be made of various two dimensional symbols 
commercially available (PDF417, Supercode and Aztec, for example) as well 
as proprietary two-dimensional codes or symbols. The choice of two- 
dimensional code depends on the suitability to the particular application and 
the intended scanning hardware. 
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For the purpose of mass printing at printing bureaux, a font based symbology 
was developed. This was necessary so that high speed printing bureaux do 
not require huge amounts of memory for large batches and so that production 
is not slowed down. 

During the creation stage the relevant verification data and accountability data 
is compressed and encrypted and encoded into a two-dimensional bitmap 
image. This bitmap image or font set representing the symbol can be attached 
to any document and printed. The images are used in different manners 
depending on the type of document verification they are been used for. 

In cheque verification a single two-dimensional symbol or code is printed on 
the cheque. The monetary amount, to whom the cheque is payable, the 
creation date, the expiry date and all other relevant data as well as authority 
and accountability data is incorporated into the two-dimensional symbol. 

In other forms of document verification, the relevant data plus authority data is 
incorporated in a symbol as with the above mentioned cheque verification. In 
addition to this key portions of the document can be incorporated in 
compressed and encrypted two-dimensional symbols or, in the case when total 
privacy is required, the entire document can be incorporated in a set of two- 
dimensional symbols. 

Once the two-dimensional code has been created it can be printed on the 
document using a conventional printer and the document is ready for 
distribution. 

The document creation system comprises one or more document creation 
stations. Each document creation station has all the relevant software for 
access control and the software for data compression and encryption and the 
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generation of the two-dimensional verification symbol. The document creation 
station is connected to the online verification database server by a local area 
network (LAN) if the verification database server is on the same premises or by 
a wide area network (WAN) if the verification database server is at a remote 
site. Instead of a LAN or WAN, other communication systems such as a VPN, 
the Internet/WWW, spread spectrum radio, satellite link or a GSM network 
could be used, for example. There are two forms of creation stations: 

A stand-alone creation station. On this type of station, all the functions of 
document creation are carried out on the workstation. The creation of the 
document, the creation of the compressed and encrypted two-dimensional 
code and the printing of the document are carried out at the station. The 
station is connected to a printer or a number of printers so that the documents 
can be printed. 

A document symbol server: The server is part of the LAN or WAN. The 
documents are not generated on the server. Only the verification data is sent 
to this server. The server records the verification data as a record on the 
central verification database. It then creates the compressed and encrypted 
two-dimensional code (in bitmap image form) and dispatches this symbol to the 
system which created the document. 

The document creation station preferably includes a test system including a 
two-dimensional scanner, which can be a hand held scanner or a fiat bed 
document scanner. This scanner is used to test the printed two-dimensional 
symbols on documents created by the system. 

As mentioned above, distribution of the documents created by the method of 
the invention is flexible, since each document is self-verifying due to the 
printing of tamper proof machine-readable data on the document itself. For 
example, in the case of a cheque which is mailed to a recipient thereof, a third 
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party who intercepts the cheque will not be able to read or alter the printed 
verification data on the cheque, so that even if the name of the payee or the 
amount of the cheque were to be altered, subsequent verification of the 
cheque will reveal the discrepancy. 

Verification of the documents generated by the method of the invention is 
carried out in order to detect any fraudulent manipulation or tampering which 
has taken place, or even fraudulent creation of a document. Accountability for 
the document is also established and can be recorded where necessary. In 
some cases, typically in the case of cheque verification where payment takes 
place following the verification procedure, the payment details are entered 
against the verification data in the verification database, which prevents 
duplicate payments from being made. 

Various levels of access control to the document verification stage of the 
method can be provided. The access control level depends on the level of 
security required, the type of document verification and the form of document 
verification. The lowest level of access control is merely a PIN code and is 
used in remote offline verification. In mass document verification systems, 
especially those which verify documents of monetary value, the highest level of 
access control is used. This latter form of access control is the same as that 
described above with regard to document creation. Here, the use of access 
cards which contain finger print biometric data ensures that absolute access 
control is established, as well as accountability. Since there are a few distinct 
forms of document verification, each form is described separately below. 

Remote off-line verification is used in cases where on-line connectivity is not 
possible and where remote offline verification is necessary. The verification 
can be carried out on a portable hand held device, a laptop PC, or a 
conventional desk top PC. The system also makes use of remote two 
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dimensional scanners which are battery operated or powered by the portable 
host computer device. 

Remote verification can also take place by means of hand held computers with 
built-in scanners since these are programmable. Access control and 
verification programs are stored and executed on these devices. 

Remote off-line verification can be carried out manually, in which case a two- 
dimensional scanner is attached to the PC or portable computer. The two- 
dimensional symbol or each symbol is scanned. The symbol is decoded, 
decompressed and decrypted. The data derived from the two-dimensional 
symbol is then displayed. The operator can determine the authenticity of the 
document and also review the accountability and authority of the document. In 
some forms of document verification the contents can be manually verified 
against those of the document. This is the case in the remote cheque 
verification system. 

Alternatively, the remote off-line system can use automated OCR/ICR 
technology. This form of verification has particular applications when remotely 
verifying documents of monetary value such as cheques. An A4 hand-held 
scanner is used for this process. The entire document is scanned. The writing 
on the document is converted to computer compatible text data by means of 
optical character recognition (OCR). The encrypted and compressed two- 
dimensional symbol is also decoded. The system compares the data derived 
from the two-dimensional bar code with that which was derived from the optical 
character recognition. Any discrepancies are highlighted and recorded. 

On-line verification can utilise manual or high speed batch scanning. This first 
form of verification requires the operator to scan the document two- 
dimensional verification symbols with a handheld two-dimensional scanner or a 
hand held A4 document scanner. The online central verification database is 
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accessed. The record for the particular document, within the online verification 
database is compared to that the data record decoded out of the symbol. If 
there are any discrepancies, they are highlighted. 

High speed batch verification is the most sophisticated system. It is used 
primarily for high speed automated verification of documents of monetary 
value. It is a main component of a typical cheque verification system of the 
invention and provides a highly secure and computer automated cheque 
verification center for banks. The main component of this system is a 
verification work station. This work station has the following software: 

Access control and accountability software 

This software restricts access to the system and also created an accountability 
log of the verifying operator. 

Image based two-dimensional symbol decoding software 

Since the cheques are scanned in batches by a scanner or a number of 
scanners (document flatbed scanners with automatic document feeders), the 
two-dimensional symbol decoding software is image based. The symbol is 
detected and decoded. 

Decompression and decryption software 

This software decompresses the decoded symbol data and then decrypts the 
data. 

Interface software to high speed document scanners 

This is image acquisition software which acquires the images from the high 
speed document scanners. 

Image processing software 
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This is highly specialized image processing software which cleans up and 
enhances the document image so that the two-dimensional bar code can be 
easily decoded. The document cleanup also aids the OCR software. 

OCR software 

The purpose of the optical recognition software is a first phase verification of 
the printed data on the cheque with the data acquired from the two- 
dimensional symboUThe OCR software used in the prototype system is based 
on backward propagation neural network technology as well as sophisticated 
image extraction techniques. The neural network is trainable and can be 
trained to identify various fonts as well as partially visible letters and numbers. 

The automated high speed verification process is conducted as follows. The 
documents are loaded into the automatic document feeder of the scanner. The 
software interface to the scanner triggers the document feeder so that the 
documents are automatically fed into the scanner and then scanned. The 
document images are then processed by the image processing software. The 
printed characters are extracted and identified by the optical character 
recognition. The two-dimensional symbol is then extracted and the data is 
decoded, decompressed and decrypted. The data acquired from the two- 
dimensional symbol is compared with the results of the optical character 
recognition. If there are any discrepancies in the comparison, they are 
recorded in the central verification database record for the particular document. 

The data extracted from the two-dimensional verification symbol is then 
compared to the authentication record in the central verification database 
record. If there are discrepancies the document is marked as fraudulent. The 
system also verifies that the document has not been previously paid in the 
case of verification of cheques and other documents of monetary value. In the 
case of documents of monetary value the system will approve payment of the 
document or cheque if it is satisfied that the document is fraud-free and has 
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not already been paid on. All statuses are recorded in the central verification 
database. The entire process is automated and requires (and will not allow) 
any human intervention. 

The central verification database is central to the process described above. All 
actions relating to a document are recorded in this database. The contents of 
the database are encrypted and a secure hardware device controls the 
encryption. 

The encryption encoding is set by a person who has due authority to carry out 
this task. Each time a document is created the verification data of the 
document is recorded in the verification database. A duplication of this record 
is used to create the printable two-dimensional verification symbol which 
travels with the document. When a document is verified the data acquired from 
the verification symbol is compared with the original database record. All 
results of the document verification process are recorded in the verification 
database in the appropriate document record. 

In order to permit enquiries to be made via the enquiry stations 18, the central 
verification database can be accessed for this purpose. Examples of enquiries 
which can be made include the following: 

On whose authority was the document created? 
Who created the document? 
On what date was the document created? 
For cheques: 

The expiry date. 
The amount. 
The payee. 

The bank details and cheque number. 
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The signatories. 

Was the cheque paid and if so, when? 
Who verified it? 

Was the document identified as fraudulent and if so, what was the 
nature of the fraud? 

The inquiry system can also supply statistical reports, such as information on 
how many documents of a certain value were detected as being fraudulent. 

An image of each document, which is acquired from the document image 
scanner during the verification process, is stored and indexed in an archive 
controlled database. Preferably, the images are stored on optical storage 
media. These images can be used in the case of a dispute, and the encrypted 
symbols on the images can also be used recreate the database in a disaster 
recovery situation. 
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CLAIMS : 

1 . A method of generating a document comprising the steps of: 

permitting access to a document creation system by an 
authorised user; 

recording user data identifying the user; 

generating document data defining a document; 

generating verification data from the user data and the 
document data; 

printing the document utilising the document data and the 
verification data, so that the document includes a machine 
readable portion usable to verify the authenticity thereof. 

2. A method according to claim 1 including generating a user identification 
record and storing the record for comparison with the user data when a 
user attempts to access the document creation system. 

3. A method according to claim 2 wherein the user data and the user 
identification comprise data from a fingerprint scanner or another 
biometric device. 

4. A method according to any one of claims 1 to 3 wherein the user data is 
derived from data stored on a portable data carrier, the user data being 
generated when a physical characteristic of the user matches data 
stored on the portable data carrier. 



WO 01/03077 



PCT/IB00/00908 



-21- 

5. A method according to claim 4 wherein the portable data carrier is a 
smart card. 

6. A method according to claim 4 or claim 5 wherein the physical 
characteristics of the user is a fingerprint or other biometric data. 

7. A method according to any one of claims 1 to 6 wherein the 
authentication data is stored in a document verification database. 

8. A method according to claim 7 wherein the verification data takes the 
form of a bar code, symbol or other machine readable indicium. 

9. A method according to claim 7 or claim 8 wherein the verification data 
is a printed symbol or code readable optically, and contains data which 
corresponds at least partially to the user data and the related document 
data contained in the authentication data which is stored in the 
document verification database. 

10. A method according to claim 9 wherein the verification data comprises 
one or more of the following: details of an operator generating the 
document, date/time stamps, a unique document and/or institution 
code, partial or relevant details from the document, digital signature of 
the operator and/or competent authority, a digital certificate, a facial 
image of a relevant person; a digital image of a hand written signature, 
a fingerprint or other biometric data, or textual information. 

11. A method according to claim 9 or claim 10 wherein the verification data 
is generated in an encrypted form. 

12. A method of verifying the authenticity of a document generated by the 
method of any one of claims 1 to 1 1 , the method including the steps of: 
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reading verification data from the document; 

retrieving authentication data corresponding to the verification 
data and comparing the verification data with the authentication 
data; and 

indicating that the document is authentic if the compared data 
matches. 

13. A method according to claim 12 wherein the verification data is 
encrypted, the method including the step of decrypting the verification 
data read from the document. 

14. A method according to claim 12 or claim 13 wherein the authentication 
data is retrieved from a central database in an on-line process. 

15. A method according to claim 12 or claim 13 wherein the authentication 
data is data derived from the document itself or from the bearer thereof. 

16. A system for generating documents comprising: 

a document creation station operable by a user to input 
document data and to generate printed documents based on the 
document data; 

access control means arranged to generate user data 
corresponding to an authorised user; 
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processor means for generating verification data derived from 
the document data and the user data, the verification data 
being applied to the printed document; and 

a database for storing an authentication record corresponding to 
the verification data, for use in authentication of the document. 

17. A system according to claim 16 including at least one document 
reading device for reading the verification data on a document, and 
processor means for comparing the verification data read from the 
document with authentication data. 



18. 



A system according to claim 17 including communication means for 
transferring authentication data from the database, for comparison with 
the verification data read from the document. 



.. ::.,T '!. : ,: O'h;: ■!' ! ! 



(12) INTERNATIONAL APPLICATION PUBLISHED UNDER THE PATENT COOPERATION TREATY (PCT) 



(19) World Intellectual Property Organization 

International Bureau 



(43) International Publication Date 
11 January 2001 (11.01.2001) 




PCT 



llllll II III I ,1111 II II II III: II I II 

(10) International Publication Number 

WO 01/03077 Al 



(51) International Patent Classification 7 : G07D 7/00 

(21) International Application Number: PCT/IBOO/00908 

(22) International Filing Date: 5 July 2000 (05.07.2000) 

(25) Filing Language: English 

(26) Publication Language: English 



(30) Priority Data: 

99/4367 



5 July 1 999 (05 .07. 1 999) ZA 



(71) Applicant (for all designated States except US) : DEXRAD 
(PROPRIETARY) LIMITED [ZA/ZA]; BP House, 10 
Junction Road, 2193 Parktown (ZA). 



(72) Inventor; and 

(75) Inventor/Applicant (for US only): TAME, Gavin, Ran- 
dall [ZA/ZA]; 346 Schoongezicht Street, Erasmusrand, 
0181 Pretoria (ZA). 

(74) Agents: DE V1LLIERS, Christopher, Murray et al.: 
Spoor And Fisher, Rochester Place, 173 Rivonia Road, 
Morningside, Sandton, P.O. Box 41312, 2024 Craighall 
(ZA). 

(81) Designated States (national): AE, AG, AL, AM, AT, AU, 
AZ, BA, BB, BG, BR, BY, BZ, CA, CH, CN, CR, CU, CZ, 
DE, DK, DM, DZ, EE, ES, FI, GB, GD, GE, GH, GM, HR, 
HU, ID, IL, IN, IS, JP, KE, KG, KP, KR, KZ, LC, LK, LR, 
LS, LT, LU, LV, MA, MD, MG, MK, MN, MW, MX, MZ, 
NO, NZ, PL, PT, RO, RU, SD, SE. SG, SI, SK, SL, TJ, TM, 
TR, TT, TZ, UA, UG, US, UZ, VN, YU, ZA, ZW. 



[Continued on next page J 



\ (54) Title: DOCUMENT VERIFICATION SYSTEM 




ENQUIRY STVTION 



(57) Abstract: A method of gener- 
ating documents and verifying their 
authenticity firstly requires controler 
access to a document creation 
system so that only authorised 
users can create documents. User 
data which identifies a user of the 
system is recorded, and verification 
data is generated from both the 
user data and data corresponding 
to documents generated using 
the system. Authentication data 
corresponding to the verification 
data is recorded, and the document is 
then printed with a machine readable 
portion containing the verification 
data. The machine readable portion 
is typically a two dimensional bar 
code or symbol. When the document 
is presented, the verification data 
is read from it, for example by 
optical scanning, and compared 
with retrieved authentication data to 
indicate whether or not the document 
is authentic. 



WO 01/03077 PCT/B800/00908 

1 /1 

=^£31 




„ I P ;! I: •< O «„;! \ 


'., (> _ 

Page 1 of 




Docket No. 


Declaration and Power of Attorney For Patent Application 


English Language Declaration 




As a below named inventor, 1 hereby declare that: 




My residence, post office address and citizenship are as stated below next to my name, 


1 believe 1 am the original, first and sole inventor (if only one name is listed below) or an original, 

first and joint inventor (if plural names are listed below) of the subject matter which is claimed and for 

which a patent is sought on the invention entitled DOCUMENT VERIFICATION SYSTEM 


the specification of which 




(check one) 




□ is attached hereto. 




Q was filed on January 7 , 2002 as United States Application No. or PCT International 


; Application Number 10/030,276 




and was amended on 




(if applicable) 




I hereby state that I have reviewed and understand the contents of the above identified specification, 
including the claims, as amended by any amendment referred to above. 


I acknowledge the duty to disclose to the United States Patent and Trademark Office all information 
known to me to be material to patentability as defined in Title 37, Code of Federal Regulations, 
Section 1.56. 


I hereby claim foreign priority benefits under Title 35, United States Code, Section 119(a)-(d) or 
Section 365(b) of any foreign application(s) for patent or inventor's certificate, or Section 365(a) of 
any PCT International application which designated at least one country other than the United States, 
listed below and have also identified below, by checking the box, any foreign application for patent or 
inventor's certificate or PCT International application having a filing date before that of the application 
on which priority is claimed. 


Prior Foreign Application(s) 


Priority Not Claimed 


99/4-367 SOUTH AFRICA 5 .JULY 1999 


a 


(Number) (Country) (Day/Month/Year Filed) 


□ 


(Number) (Country) (Day/Month/Year Filed) 


a 


(Number) (Country) (Day/Montn/Vear Filed) 





Form PTO-SO-01 (3-05) (Modltiad) "" ~~~ ' P02/HEV02 Patent and Trademark Offica'U.S. DEPARTMENT OF COMMERCE 



Page 2 of 



I hereby claim the benefit under 35 U.S.C. Section 119(e) of any United States provisional 



applicatron(a) listed below: 


(Application Serial No.) 


(Filing Date) 


(Application Serial No.) 


(Filing Date) 


(Application Serial No.) 


(Filing Date) 



I hereby claim the benefit under 35 U. S. G. Section 120 of any United States application(s), or 
Section 365(c) of any PCT International application designating the United States, listed below and, 
insofar as the subject matter of each of the claims of this application is not disclosed in the prior 
United States or PCT International application in the manner provided by the first paragraph of 35 
U.S.C. Section 112, I acknowledge the duty to disclose to the United States Patent and Trademark 
Office all information known to me to be material to patentability as defined in Title 37, C. F. R., 
Section 1 .56 which became available between the filing date of the prior application and the national 
or PCT International filing date of this application: 



(Application Serial No.) 


(Filing Date) 


(Status) 

(patented, pending, abandoned) 


(Application Serial No.) 


(Filing Date) 


(Status) 

(patented, pending, abandoned) 


(Application Serial No.) 


(Filing Date) 


(Status) 

(patented, pending, abandoned) 



I hereby declare that all statements made herein of my own knowledge are true and that all 
statements made on information and belief are believed to be true; and further that these statements 
were made with the knowledge that willful false statements and the like so made are punishable by 
fine or imprisonment, or both, under Section 1001 of Title 1 8 of the United States Code and that such 
willful false statements may jeopardize the validity of the application or any patent issued thereon. 



: orm PTO-SR-01 (r-9f,) (Mnrtlflnri) 



Patint and Trademark Offlco-U.S. DEPARTMENT OF commerce 



POWER OF ATTORNEY: As a named inventor, I hereby appoint the following attorney(s) and/or 

agent(s) to prosecute this application and transact all business in the Patent and Trademark Office 
connected therewith, (list name and registration number) 

William T. Rifkin Reg. No. 26,501 

Mark I. Feldman Reg. No. 26MS. 

Michael L. Kenaga Reg. No. 34,632. 

James P. Ryther Reg. No- 20,424 

Joel H. Bootzin Reg. No. 42,342. 

R. Blake Johnston Reg. No- 41,097 

David J. Richter Reg. No. 26,221 

Thomas W. Ryan Reg. No. '43$72 

Jefferson Perkins Reg. No. 31407- 

Jonathan D. Fcuchtwang Reg. No. 



Send Correspondence to: 

Piper Marb ury Rudnick & Wolfe 

P. O. Box 64S07 

Chicago, Illinois 60664-0807 

Direct Telephone Calls to: (name and telephone number) 



Full name of sole or first inventor 

_aAVIN RA NDALLJf AME 
Solo or first inventor's 9lgn 



Residence 

34-6 SCf^OJgEZICHT STREET, ERASMUSRAND, 0181, HIETORIA^ SOUTH AFRICA 



Citizenship 

SOUTH AFRICAN 



Full name of second inventor, it any 



Second invontor'o signature 



Posi Office Address 



II (»-95> (Modified) 



Ofllw-U.S. DEPARTMENT OF COMMERCE 



